How to remove ave.exe malware

Ave.exe is the main component of each program from fake antispyware group, which includes the following programs: Total Vista Security, Vista Security Tool 2010, XP Security Tool 2010, XP Antimalware 2010, XP Defender Pro , Total XP Security, Vista Smart Security 2010, Vista Defender Pro, Vista Antimalware 2010, XP Smart Security 2010. Ave.exe infiltrate computers through the use of trojans. Once the trojan is installed and started, it will download ave.exe and save it to %AppData% folder (%AppData% is the C:\Document and Settings\[your username]\Application Data). After that, the same trojan will configure ave.exe to run automatically when you start any program by changing the file associations with “.exe” extension.

When ave.exe is started, it will imitate a system scan. Once finished, the malware will state that your computer is infected with trojans, adware or malware and that you should purchase the full version of the program to remove these infections. Important to know, the malicious program is unable to find the infections, as will not protect you from possible infection in the future. So, do not trust the scan results, simply ignore them.

While ave.exe is running, it can block execution of other programs as an attempt to scare you into thinking that your computer in danger. The program will also flood your computer with nag screens, fake security alerts and notifications from your Windows taskbar. A few examples:

Threat detected!
Security alert! Your computer was found to be infected with
privacy-threatening software. Private data may get stolen
and system damage may be severe. Recover your PC from
the infection right now, perform a security scan.

However, all of these alerts, warnings and notifications are fake and like false scan results supposed to scare you into purchasing so-called “full” version of the malicious program. You should ignore all of them!

As you can see ave.exe is very dangerous and can lead to a complete paralysis of your computer, as well as leakage of your personal data in the hands of the authors of the malicious program. Need as quickly as possible to check your computer and remove all found components of this malware. Use the removal guide below to remove ave.exe and any associated malware from your computer for free.

Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and Launch “Malwarebytes’ Anti-Malware”. Then click Finish.

MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.

As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see window similar to the one below.

Malwarebytes Anti-Malware Window

Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for ave.exe infection. This procedure can take some time, so please be patient.

When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar as shown below.
Note: list of infected items may be different than what is shown in the image below.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove ave.exe. MalwareBytes Anti-malware will now remove all of associated ave.exe files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

159 Comments

Mister_moose It is not because Microsoft makes it too easy it is because end users make it easy. Anyone that has a mac can get viruses just as easy if someone wanted to take the time in infect 10% of the users out there. What is more fun? Hit 10% of the end users or 90% of the end users?

Anyway I had to use the TDSSKiller and then Malwarebytes after that and so far it might be fixed. I will update if I see any more problems.

I had MalwareBytes downloaded onto the infected computer previously before it became infected. It obviously wouldn’t let me open it, so I tried your trick of renaming it (including that randomly generated file name link) and those all didn’t work. I also tried to download that thing that removes TDSSKiller and no avail. Whenever I try and run an installation, it comes up with:

Windows cannot open this file:

File: mbam.exe

to open this file, windows needs to know what program created it. Windows can go online to look it up automatically, or you can manually select from a list of programs on your computer.

What do you want to do?

and then it gives me the option of using the web service to find the appropriate program or selecting the program from a list.

it does this with everything. it also won’t let me run the properties of the my computer tab. HELP PLEASEEE! 🙁

i tried method one before and i ran malwarebytes, it detected just 4 viruses and deleted them. however, i did another scan afterwards with another antimalware software and it told me the ave.exe file was still there, i did method 2 and ran malwarebytes again but it didn’t detect any viruses. does that mean im safe?
thanks!

thank you this is the worst virus i have had in years and i have no idea where i picked it up from. could it of been dormant? i did get a msg from pc tools firewall saying that ave.exe wants to acess an i p address but i cant rememeber it. and i tried to deny the acsess but it looks like it was overrided think i might consider boosting my security yet again. cos ”avg’ ‘asc’ and pctools firewall all missed it. thank you agian. one last thing who the hell are ‘Russian fed’ any way? what c***’s cheers

I followed your instructions.
First step one. Double clicked it. Restarted.
Then step two. Double clicked it, nothing happened. Of course, upon reading again I see that I should have right clicked and install. So I did.

Restarted and I am extremely pleased to say that the bug screens had gone.

I then donwloaded your Malwarebytes programme and ran a fast scan. 5 problems found. Deleted them. All seems ok now, just I will remain paranoid for a bit.

Thank you so, so much. I like many others are very grateful to you ‘intelligent guys’ who offer their help and wisdom.

Personally, I would like to see the people who create the harm crawl away and die. … Or is that too right wing?

I keep getting these trojans (three times! from three different non-pr0n sites!)…a friend was removing by doing the old take-my-hardrive-and-clean-from-another-system trick, but he’s out of town and I haven’t the equipment.

I’ve followed all the steps outlined here – rkill, safe mode, MalwareBytes, Superantispyware, and they come up clean, but as soon as I restart the damn thing reappears in my double-check run of Malwarebytes (including the ave.exe registry thing).

I have been getting this virus repeatedly, on my fully-patched XP pro machine running Avast! and Windows firewall. The first two times a friend fixed by doing the remove-harddrive and slave it to clean and rewrite MBR, etc. trick, but (a) he’s out of town and (b) he’s sick of doing it. Me too.

I don’t get why I’m having this trouble – I follow all the steps here (rkill, superantispyware, malwarebytes, safe mode, repeat until clean), but every time I reboot, the damned thing comes back!

I see the ave.exe key in my registry, but it won’t let me delete it (or I’m not sure how…not experienced in regedit).

Also, I have no XP disk, because it’s one of the laptops with the stupid ‘recovery sector’ on the HD instead.

I tried both of these steps, and after I restarted it wouldn’t find the correct way to open anything. It kept saying things like, ‘windows cannot find the correct program to open Iexplore.exe.’ and such things… Help?

This worked but there’s a bit of a trick to it because how can you copy and paste if you can’t open your browser or for that matter if you can’t open your browser how can download Malware Bytes if you can’t open your browser? If you had trouble, I hope these tips help you.

First, before you do anything, open your task manager, right-click on ave.exe and select “end process tree” and confirm. Keep task manager open at all times during this process and then try to open up FireFox.

Now, you’ll immediately get all of those BS messages from ave.exe but when that happens, go to ave.exe in the task manager AGAIN and end the process tree AGAIN. It may take a few seconds BUT Firefox will open up.

If it doesn’t work right off the bat, keep double-clicking the Firefox icon on your desktop so you open it up like 7 times (again it may take a few moments before you see the Firefox windows), then go back to task manager and end ave.exe process tree AGAIN as it will only show up once. Now close all of the Firefox windows but one and find this page.

Now, follow the instructions EXACTLY as described (I used method one).

I the right part of window click twice to “@”. You will see a screen with the contents like below: “C:\Documents and Settings\user\Local Settings\Application Data\ave.exe” /START “C:\Program Files\Internet Explorer\iexplore.exe”
Remove left part, leave only “C:\Program Files\Internet Explorer\iexplore.exe”.

Follow US

NEED A HELP ?

If you’re seeing unwanted pop-ups or ads, browser extensions or toolbars in your web-browser, you might have an adware, malware or spyware installed on your computer. Here are some steps you can take to remove unwanted software. Or ask for help here.